On Thu, 06 Sep 2001, Andrey Savochkin wrote:
> Andi, it's right to the point.
It's false.
> The only one good reason for an SMTP server to bother about IP addresses at
> all is a quick check for mail loops, i.e. a check at the moment of opening
> TCP connection to send a message whether your peer is yourself.
> Bothering about network masks just doesn't have any valid grounds.
> It's not possible to answer the right question (whether you talk to yourself)
> inspecting IP addresses.
> In the original example, mail systems on 192.168.0.4 and 192.168.1.1 may be
> different.
I'm not sure where and why you deduce the idea this is about MTA loop
detection or peer recognition.
Any application that uses SIOCGIFNETMASK would do, it just happened that
Postfix's inet_addr_local was the tool I used when I found out the
sysctl had returned the first netmask for the second address on Linux,
but not on FreeBSD.
> So, the very right way of doing things is:
> - make admin specify the listening addresses for a mail system in the
> configuration and use them to check for loops;
Or just use IPADDR_ANY...
> - never try to learn anything about networking configuration.
...which is wrong, because the MTA must know its own IP addresses to
accept domain literals, and SIOCGIFCONF works and returns all addresses,
it just happens that looking up the second and subsequent masks fails.
Please see RFC-1123, section 5.2.17, for details.
-- Matthias Andree - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Sep 07 2001 - 21:00:35 EST